From Host Card Emulation (HCE) and tokenization, to empowering organizations to become their own Token Service Provider (TSP), Rambus Bell ID software provides a comprehensive, mobile payment solution to banks and retailers worldwide that loads and manages payment credentials on Near Field Communication (NFC)-based smartphones and connected devices. Learn more about Security

Featuring comprehensive solutions for both physical and virtual smart cards, the Rambus Smart Ticketing suite of products, including technology from Ecebs, offer secure and easy-to-implement solutions for any transport scenario, including rail, bus, and ferry. Learn more about Security

Made for high speed, reliability and power efficiency, our DDR3 and DDR4 chipsets, recently acquired from Inphi, for RDIMM and LRDIMM server modules deliver top-of-the-line performance and capacity for the next wave of enterprise and data center servers. Learn more about Memory + Interfaces

With their reduced power consumption and industry-leading data rates, our line-up of memory interface IP solutions support a broad range of industry standards with improved margin and flexibility. Learn more about Memory + Interfaces

Inspired by the innovative thinking at the heart of Rambus Labs, the Emerging Solutions division at Rambus works to translate extraordinary theory into everyday practice. Learn more about Emerging Solutions

“Multiple vendors are responding with products meant to keep the IoT devices protected from the cyberattacks that are becoming more common,” he explained. “While IoT privacy remains a key concern for consumers and homeowners, IoT security has taken on top-of-mind priority for the many companies entering and serving the market.”

As Dorsch points out, hardware vendors have been focused on this issue for some time, often with mixed results.

“[This is] because threat levels—and perceived threat levels—vary greatly from one market to the next, and from one product to the next,” he added.

As Asaf Ashkenazi, senior director of product management in Rambus’ Security Division notes, building hardware that incorporates hardened security features would see devices protected throughout their lifecycle from chip manufacture, to day-to-day deployment, to decommissioning.

“This can be accomplished with a silicon-based hardware root-of-trust that offers a range of robust security options for IoT devices, including secure connectivity between the IoT device and its cloud service,” he told Semiconductor Engineering.

As Ashkenazi tells Rambus Press, the DHS also recommends that device manufacturers promote security updates and vulnerability management. To be sure, even when security is included at the very beginning of the design process, vulnerabilities may be discovered in products after they have been deployed. These flaws can be mitigated through patching, security updates and vulnerability management strategies.

“From our perspective, life-cycle management, which includes over-the-air (OTA) updates and vulnerability management, is essential to maintaining the continued security of IoT devices,” he stated. “Life-cycle management should be implemented utilizing a secure hardware root- of-trust to ensure secure updates of firmware and cryptographic keys.”

In addition, says Ashkenazi, a hardware root- of-trust with a unique cryptographic identifier allows each IoT device to be uniquely and cryptographically verified to determine if it is authorized to connect to a specific cloud service.

“Spoofed or unauthorized devices are easily identified by the service and denied access. This secure connectivity paradigm also helps mitigate the effectiveness (and damage) of DDoS attacks against the IoT service itself, while ensuring the integrity and protection of collected data,” he added. “Preventing malicious actors from manipulating the flow of information to and from network-connected devices is the cornerstone of establishing a secure IoT network.”

Interested in learning more about securing IoT devices? You can check out our white paper on the subject here and our article archive here.